Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e203430303231.roa
File: 36322e3134362e3233322e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: W2WzRndGMqcvaXA+d8p65YoThMgpMshVmvbPal4fEp4=
Subject key identifier: 45:81:2C:6D:CB:6C:E6:65:08:04:65:63:83:5E:84:FC:32:9B:25:35
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 64A7F93D7E41343C56F9F472C746661A5A372B74
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e203430303231.roa
Signing time: Tue 18 Feb 2025 10:45:43 +0000
ROA not before: Tue 18 Feb 2025 10:40:43 +0000
ROA not after: Tue 17 Feb 2026 10:45:43 +0000
asID: 40021
IP address blocks: 62.146.232.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a7:f9:3d:7e:41:34:3c:56:f9:f4:72:c7:46:66:1a:5a:37:2b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 18 10:40:43 2025 GMT
Not After : Feb 17 10:45:43 2026 GMT
Subject: CN=45812C6DCB6CE66508046563835E84FC329B2535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:19:4f:15:17:1b:fd:24:fe:09:ad:5c:5f:d2:
7d:39:af:d0:5c:7c:a1:44:22:b3:2b:aa:20:7e:38:
f1:aa:26:da:97:30:5e:ba:5d:2b:bb:74:bf:b5:7d:
13:e4:a3:74:02:0c:77:ef:e0:9c:a4:da:4a:13:6e:
ff:4e:8b:d9:b2:62:59:cd:88:4f:c0:9d:8a:8f:c2:
3c:cf:ca:c1:fc:a2:6c:1e:ca:b8:17:22:d5:2b:73:
80:55:4f:88:05:a9:55:3a:10:01:fd:5c:93:fb:87:
3f:6a:06:11:7b:c9:8c:3e:75:9d:f8:d1:79:d9:34:
d8:b8:22:2e:95:9c:60:22:dd:52:b6:b2:14:f3:03:
34:98:c9:c1:18:80:90:f5:1a:9a:41:e1:97:45:03:
34:02:b0:ad:3e:b5:01:94:8e:22:3d:8f:63:dd:cc:
e1:3d:df:f0:76:9f:f2:49:8e:42:94:4e:f4:00:73:
db:40:f9:6a:45:0b:6d:b1:07:1b:4b:6f:1b:b8:2e:
2a:c1:16:a8:71:ba:10:9c:ec:7e:b4:7f:f0:b7:c5:
a7:21:07:8d:66:22:79:63:55:b2:60:e1:9d:92:8a:
b4:ef:71:d9:71:8c:e8:7e:a3:e1:a5:80:8e:87:29:
3c:e6:4c:5b:99:51:8b:5c:8d:81:02:54:30:b1:78:
70:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:81:2C:6D:CB:6C:E6:65:08:04:65:63:83:5E:84:FC:32:9B:25:35
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/36322e3134362e3233322e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.146.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:cf:9a:2a:b2:e4:6e:48:1e:09:d9:a6:fa:07:bb:09:6d:cc:
02:3e:da:75:2f:a2:3d:fe:38:31:bd:82:a7:ed:38:77:6e:e6:
c5:d8:f7:2b:04:b4:7b:14:37:c9:32:3c:bd:6e:fb:5a:79:f6:
8b:df:36:2a:ce:4e:6f:48:aa:43:34:bf:46:39:70:14:10:ef:
18:62:79:b0:9a:85:f8:71:8e:e3:05:cc:f0:2f:1d:ca:a7:1a:
35:08:5d:5a:49:b8:b9:14:50:9c:55:9e:d0:2e:55:55:c0:68:
b3:2f:2c:98:77:15:6c:f2:f1:54:df:6c:97:0b:12:b6:e2:33:
55:0e:25:ab:8e:4b:5d:6c:3b:a6:19:16:bb:30:41:6e:00:46:
b2:30:7a:ec:c6:95:bd:80:fa:75:c5:ab:e3:38:2b:2a:ba:59:
09:3d:80:5d:58:91:6c:4b:9b:e9:12:61:0b:4e:a0:7c:f7:d4:
93:16:0d:a9:a6:61:02:a5:a7:2b:ad:3a:d2:3f:31:0e:2f:61:
5b:9c:f1:47:91:45:10:fa:7a:a4:dc:4a:16:ad:7e:ae:1b:04:
df:b0:af:3b:08:76:c3:04:10:73:19:f9:e9:c6:47:4e:b9:cc:
8c:77:d8:37:51:6f:8f:90:05:a3:af:cc:0f:f9:b0:1d:87:20:
7c:76:d0:e5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZKf5PX5BNDxW+fRyx0ZmGlo3K3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMTgxMDQwNDNaFw0yNjAyMTcxMDQ1NDNaMDMxMTAvBgNV
BAMTKDQ1ODEyQzZEQ0I2Q0U2NjUwODA0NjU2MzgzNUU4NEZDMzI5QjI1MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBGU8VFxv9JP4JrVxf0n05r9Bc
fKFEIrMrqiB+OPGqJtqXMF66XSu7dL+1fRPko3QCDHfv4Jyk2koTbv9Oi9myYlnN
iE/AnYqPwjzPysH8omweyrgXItUrc4BVT4gFqVU6EAH9XJP7hz9qBhF7yYw+dZ34
0XnZNNi4Ii6VnGAi3VK2shTzAzSYycEYgJD1GppB4ZdFAzQCsK0+tQGUjiI9j2Pd
zOE93/B2n/JJjkKUTvQAc9tA+WpFC22xBxtLbxu4LirBFqhxuhCc7H60f/C3xach
B41mInljVbJg4Z2SirTvcdlxjOh+o+GlgI6HKTzmTFuZUYtcjYECVDCxeHDNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURYEsbcts5mUIBGVjg16E/DKbJTUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzYzMjJlMzEzNDM2MmUzMjMz
MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
PpLoMA0GCSqGSIb3DQEBCwUAA4IBAQBrz5oqsuRuSB4J2ab6B7sJbcwCPtp1L6I9
/jgxvYKn7Th3bubF2PcrBLR7FDfJMjy9bvtaefaL3zYqzk5vSKpDNL9GOXAUEO8Y
YnmwmoX4cY7jBczwLx3Kpxo1CF1aSbi5FFCcVZ7QLlVVwGizLyyYdxVs8vFU32yX
CxK24jNVDiWrjktdbDumGRa7MEFuAEayMHrsxpW9gPp1xavjOCsqulkJPYBdWJFs
S5vpEmELTqB899STFg2ppmECpacrrTrSPzEOL2FbnPFHkUUQ+nqk3EoWrX6uGwTf
sK87CHbDBBBzGfnpxkdOucyMd9g3UW+PkAWjr8wP+bAdhyB8dtDl
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:57:35 2025 by rpki-client